Dr Shamal Faily s.faily@rgu.ac.uk
Lecturer
Designing and aligning e-science security culture with design.
Authors
Ivan
Abstract
The purpose of this paper is to identify the key cultural concepts affecting security in multi-organisational systems, and to align these with design techniques and tools. A grounded theory model of security culture was derived from the related security culture literature and empirical data from an e-Science project. Influencing concepts were derived from these, and aligned with recent work on techniques and tools for usable secure systems design. Roles and responsibility, sub-cultural norms and contexts, and different perceptions of requirements were found to be influencing concepts towards a culture of security. These concepts align with recent work on personas, environment models, and related tool support. This paper contributes a theoretically and empirically grounded model of security culture. This is also the first paper explicitly aligning key concepts of security culture to design techniques and tools.
Citation
FAILY, S. and FLÉCHAIS, I. 2010. Designing and aligning e-science security culture with design. Information management and computer security [online], 18(5): selected papers from the South African information security multi-conference (SAISMC 2010), 17-18 May 2010, Port Elizabeth, South Africa, pages 339-349. Available from: https://doi.org/10.1108/09685221011095254
| Journal Article Type | Conference Paper |
|---|---|
| Conference Name | South African information security multi-conference (SAISMC 2010) |
| Conference Location | Port Elizabeth, South Africa |
| Acceptance Date | Nov 23, 2010 |
| Online Publication Date | Nov 23, 2010 |
| Publication Date | Dec 31, 2010 |
| Deposit Date | Sep 29, 2021 |
| Publicly Available Date | Dec 21, 2021 |
| Journal | Information Management & Computer Security |
| Print ISSN | 0968-5227 |
| Publisher | Emerald |
| Peer Reviewed | Peer Reviewed |
| Volume | 18 |
| Issue | 5 |
| Pages | 339-349 |
| DOI | https://doi.org/10.1108/09685221011095254 |
| Keywords | Systems theory; Systems security; Data security; User-centered design; Software engineering |
| Public URL | https://rgu-repository.worktribe.com/output/1427834 |
Files
FAILY 2010 Designing and aligning e-science security
(448 Kb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by-nc/4.0/
You might also like
Privacy goals for the data lifecycle.
(2022)
Journal Article
Automation and cyber security risks on the railways: the human factors implications.
(2022)
Presentation / Conference
Assessing system of systems information security risk with OASoSIS.
(2022)
Journal Article
Integrated design framework for facilitating systems-theoretic process analysis.
(2022)
Conference Proceeding
Visualising personas as goal models to find security tensions.
(2021)
Journal Article